Vedder Price is proud to announce the launch of The 21st Century Banker, a blog offering reliable and trusted news, commentary and industry updates for financial institutions.

Subscribe by visiting http://www.vedderbanking.com/ to receive updates when new content is posted.

Vedder Price is pleased to announce attorney Dylan Potter has joined the firm as a Partner in its Global Transportation Finance group in the firm’s London office.

Mr. Potter advises on a broad range of financing, leasing, capital markets and fund products involving commercial and corporate aviation, shipping, satellites, utilities and industrial equipment. He represents lenders, export credit agencies, operating lessors, lessees and equity investors in these sectors.

“I am excited to join Vedder Price as a Partner in its market leading transportation finance practice,” said Potter. “I look forward to serving my clients alongside my new colleagues and helping grow our aviation, maritime and equipment finance practices.”

Mr. Potter joins from the Structured & Asset Finance practice in Allen & Overy’s London office. He has been involved in many innovative and award winning transactions, including the first export credit supported Sukuk, which remains the largest ECA supported capital markets offering in the aviation sector, as well as large scale satellite financings, portfolio and company acquisitions and divestments involving multiple aircraft and vessels, distressed debt transactions, restructurings and structured, tax-based and cross-border leasing.

“Dylan is a great fit for our London transportation finance practice,” said Dean N. Gerber, Vedder Price Board of Directors member, Executive Committee Vice Chair, and Chair of the firm’s Global Transportation Finance team. “His experience further enhances our capabilities to serve our clients on an international level and we look forward to what he offers to our growing client base.”

In addition to Mr. Potter, the London office is also proud to welcome Solicitors Ryan Cheung and Georgia Harris to the Global Transportation Finance group.

Vedder Price enjoys a strong worldwide reputation for legal services related to the transportation finance industry. The firm serves a broad base of clients across all transportation sectors, including the aviation, aerospace, railroad and marine industries, and serves both U.S.-based and international clients who execute deals worldwide. The firm was named the "Law Firm of the Year" at the 2017 Aviation 100 Awards.

Vedder Price is pleased to announce that it represented SKY Aircraft Leasing International Limited (“SKY Leasing”) in connection with the structuring of a sale of a portfolio of up to 21 aircraft to S-JETS 2017-1 Limited (“S-JETS“), a special purpose company, and the issuance of $780.8 million of notes by S-JETS in an ABS transaction.

S-JETS is expected to use a portion of the proceeds of the notes to acquire up to 21 aircraft. The aircraft are currently on lease to 16 lessees located in 13 countries and have an appraised value of approximately $1 billion. SKY Leasing is the servicer for S-JETS and the portfolio.

“We are proud to have participated in SKY Leasing’s inaugural ABS transaction. Vedder Price’s Global Transportation team brought the right level of depth and experience needed to successfully close this complex and innovative transaction. Our team is an industry leader in the aircraft ABS space, and this transaction further demonstrates our extensive global capabilities in aviation finance and leasing generally,” said Dean Gerber, Chair of the Global Transportation Finance team.

Standard & Poor’s and Kroll Bond Rating Agency (KBRA) assigned preliminary ratings to three series of notes issued by S-JETS. The $657.8 million Class A notes, with a 66.3% loan‐to‐value (LTV) ratio, have been rated “A.” The $81 million Class B notes have been rated “BBB” and have an LTV of 74.5%, and the $42 million Class C notes, with an LTV of 78.7%, have been rated “BB.”

“We are delighted to have partnered with SKY Leasing on their first ABS deal,” said Global Transportation Finance Shareholder Raviv Surpin. “We look forward to a growing relationship as they explore further opportunities after this successful debut.”

In addition to Mr. Surpin, the Vedder Price team included Shareholders Adam Beringer (Global Transportation Finance), Kevin MacLeod (Capital Markets) and Matthew Larvick (Corporate Taxation), and Global Transportation Finance Associates Laura Bond, Matthew Gaspari, Amir Heyat, Elizabeth Jiang, Marcelle Lang, Clay Thomas and Hiral Zalavadia.

Vedder Price has been recognized by BTI Consulting Group as one of the top firms most recommended by legal decision makers in an unprompted manner. This is the fifth year in a row that the firm has received this recognition.

According to the report, “Top legal decision makers have a time-honored code — they will recommend the law firms who do a much better job than anyone else. Every recommendation is a personal statement about the type of provider — the commitment, service, quality, and demeanor — you are willing to entrust to a peer, from whom they would expect the same.”

“We are honored to have received this accolade five years in a row,” said Vedder Price President and CEO Michael A. Nemeroff. “Our focus on client service and our enduring relationships with outstanding clients is what makes Vedder Price stand out, and I’m proud that our attorneys receive this worthy recognition for their efforts.”

Every year, BTI reaches out to a sample of legal decision makers at large organizations with $1 billion or more in revenue. The recommendations directly reflect personal standards of quality, client service and value.

To read the full report, please click here.

On July 10, 2017, the Consumer Financial Protection Bureau (the “CFPB”) finalized its proposed arbitration rule that will prohibit providers of certain consumer financial products and services from requiring a consumer to utilize mandatory pre-dispute arbitration in lieu of a consumer filing or participating in a class action (“Arbitration Rule”). In other words, no longer may covered entities require a consumer to use arbitration in lieu of class action participation. This Arbitration Rule will likely have far ranging consequences for covered providers, including mandatory updates to consumer agreements, likely increases to legal and compliance costs and increased operational risks in new consumer products.

Background

Congress directed the CFPB to study pre-dispute arbitration agreements in the Dodd-Frank Wall Street Reform and Consumer Protection Act (“the Dodd-Frank Act”). The Dodd-Frank Act also authorized the CFPB, after completing the study, to issue regulations restricting or prohibiting the use of arbitration agreements if the CFPB found that such rules would be in the public interest and for the protection of consumers. In 2015, the CFPB published and delivered to Congress a study of arbitration. On May 24, 2016, the CFPB proposed the Arbitration Rule with a request for comment. Since May 2016 the CFPB has been silent, leading many in the financial services industry to believe that, with the change in administration, the CFPB had abandoned the Arbitration Rule. In finalizing the Arbitration Rule, the CFPB has answered the industry’s long outstanding question. Would the CFPB be more moderate in its approach in issuing regulation that drastically impacts financial services providers? The industry has its answer. The CFPB has answered in the negative.

What institutions are covered by the Arbitration Rule?

The Arbitration Rule will apply to most banks and nonbank lenders (e.g., mortgage and FinTech), payment processing companies, consumer reporting agencies, debt collection agencies and certain automotive finance companies. Specifically, the CFPB states that Arbitration Rule will only apply to providers of certain consumer financial products and services in the core consumer financial markets of lending money, storing money and moving or exchanging money, including most providers that are engaged in the following activities:

• most types of consumer lending (such as making secured loans or unsecured loans or issuing credit cards);
• activities related to that consumer lending (e.g., providing referrals, servicing, credit monitoring, debt relief, and debt collection services, among others, as well as the purchasing or acquiring of such consumer loans);
• extending and brokering automobile leases that operate as the “functional equivalent” of automobile purchase finance arrangements (traditional automotive finance transactions are excluded);
• storing funds or other monetary value for consumers (e.g., providing deposit accounts); and
• providing consumer services related to the movement or conversion of money (e.g., certain types of payment processing activities, transmitting and exchanging funds, and cashing checks).
  

The Arbitration Rule

Class action prohibitions are unenforceable. The Arbitration Rule prohibits providers of certain consumer financial products and services from using an agreement with a consumer that provides for arbitration of any future dispute between the parties in lieu of a consumer filing or participating in a class action.

The CFPB notes that this prohibition will permit an arbitration agreement that allows for class arbitration, provided that a consumer is not required to participate in class arbitration instead of class litigation. In other words, a pre-dispute arbitration agreement that allows a consumer to choose whether to file a class claim in court or in arbitration will be permissible under the Arbitration Rule, although an arbitration agreement that permits the claim to only be filed in class arbitration will not be permissible.
   

All covered consumer financial services agreements utilizing pre-dispute arbitration agreement must be updated with a specified plain-language statement. The CFPB is requiring that covered providers update their consumer financial services agreements to include a specified plain-language provision in their pre-dispute arbitration agreements disclaiming the agreement’s applicability to class actions. Specifically, the CFPB has provided this language for three specific scenarios.

First, for all covered consumer financial services agreements that are entered into after the compliance date (as discussed below) and which have a pre-dispute arbitration provision, the provision must contain the following language:

We agree that neither we nor anyone else will use this agreement to stop you from being part of a class action case in court. You may file a class action in court or you may be a member of a class action even if you do not file it.

Second, when the pre-dispute arbitration agreement is for multiple products or services, only some of which are covered by the Arbitration Rule, the provider must include the following provision:

We are providing you with more than one product or service, only some of which are covered by the Arbitration Agreements Rule issued by the Consumer Financial Protection Bureau. We agree that neither we nor anyone else will use this agreement to stop you from being part of a class action case in court. You may file a class action in court or you may be a member of a class action even if you do not file it. This provision applies only to class action claims concerning the products or services covered by that Rule.

Third, when the pre--dispute arbitration agreement existed previously between other parties and does not contain either the provision identified above, the provider shall ensure the agreement is amended to contain the following provisions within 60 days of entering into the pre-dispute arbitration agreement.

We agree that neither we nor anyone else who later becomes a party to this pre-dispute arbitration agreement will use it to stop you from being part of a class action case in court. You may file a class action in court or you may be a member of a class action even if you do not file it.

We agree not to use any pre-dispute arbitration agreement to stop you from being part of a class action case in court. You may file a class action in court or you may be a member of a class action even if you do not file it.

If the covered provider uses pre-dispute arbitration agreements in its consumer contract, the CFPB requires that the covered provider submit specific arbitral records to the CFPB. The Arbitration Rule will require a covered provider that is involved in an arbitration pursuant to a pre-dispute arbitration agreement to submit specified arbitral records to the CFPB within 60 days after the documents are filed with the arbitrator. The CFPB intends to use the information it collects to continue monitoring arbitral proceedings to determine whether there are developments that raise consumer protection concerns that may warrant further CFPB action. These materials will be published by the CFPB on its website in some form, with appropriate redactions or aggregation as warranted.

What is the effective date?

The CFPB has designated August 10, 2017 as the Arbitration Rule’s effective date. Pursuant to the Dodd-Frank Act, the Arbitration Rule will only apply to agreements entered into 180-days after the effective date. Consequently, the Arbitration Rule will become fully effective on February 10, 2018.

What does this mean for your institution?

In sum, the consequences for covered providers are likely to be far ranging. In the short term, to facilitate implementation and ensure compliance, covered providers will need to update their consumer form agreements with the specific plain-language provisions identified in the Arbitration Rule. In addition, covered providers seeking to maintain pre-dispute arbitration provisions will need to plan and implement a process for submitting the specified arbitration documents to the CFPB.

In the long term, with consumers no longer subject to mandatory arbitration, covered providers should expect legal and compliance costs to rise. While only speculative at this point, it is fair to say that the number of consumer class action suits filed will likely increase. Consequently, covered entities will likely need to dedicate additional resources to defend prospective class actions. In addition, with a likely increase in the number of class actions filed, the Arbitration Rule will increase the risks associated with any rollout of new consumer products or services.

There continues to be stiff resistance to the Arbitration Rule

While the Arbitration Rule has been finalized, there continues to be stiff resistance to its implementation. In its July 10, 2017 letter to the CFPB, the Acting Comptroller of the Office of the Comptroller of the Currency stated that the Arbitration Rule may saddle banks with “potentially ruinous liability” and risk the safety and soundness of the banking system as a whole. In Congress, Senate Banking Committee member Tom Cotton and House Financial Services Committee member Roger Williams declared that they will seek to block the Arbitration Rule pursuant to the Congressional Review Act. In the end, the Arbitration Rule’s continued viability is far from certain.

To view the full text of the CFPB’s Arbitration Rule, click here.

For more information about the recent CFPB announcement, please contact James M. Kane at +1 (312) 609 7533, Daniel C. McKay, II at +1 (312) 609 7762, James W. Morrissey at +1 (312) 609 7717, Jennifer Durham King at +1 (312) 609 7835, Juan M. Arciniegas at +1 (312) 609 7655, Lisa M. Simonetti at +1 (424) 204 7738, Lino J. Lauro at +1 (424) 204 7733, Mark C. Svalina at +1 (312) 609 7741 or your Vedder Price attorney.

The EU’s General Data Protection Regulation (679/2016/EU), the GDPR, comes into force across the EU on 25 May 2018. As it is being made by regulation the GDPR, unlike the existing Data Protection Directive (implemented into the UK by the Data Protection Act 1998), will have direct effect throughout the EU. National governments will have some limited scope to tailor certain of its provisions to their jurisdiction. However, the GDPR will significantly harmonise the current national data protection laws across the EU.

Notwithstanding Brexit, the UK government has indicated its intention to implement the GDPR in full. The UK regulator’s (the Information Commissioner’s Office) powers and ability to work seamlessly with other national EU regulators will form a negotiation point in the coming Brexit deal.

Impact

The GDPR will apply to any use of personal data arising in connection with either the offering of any goods or services to individuals located in the EU (whether for payment or not), or the monitoring of the behaviour of EU-based individuals. This is a significant change to the scope of previous legislation and has the effect of:

• focusing the legislation on the individuals whose data is being utilised, as opposed to the organisations utilising the data (i.e., any worldwide business with customers located in the EU will be subject to the GDPR in respect of those customers); and
• clearly encompassing the tracking of individuals’ EU-based internet activity, whether via a website or app (i.e., any worldwide business which uses tracking cookies or retrieves app usage information in respect of EU-based activity will be caught).

The location of data processing equipment is no longer a determining factor – i.e., worldwide businesses cannot avoid the application of the GDPR by locating processing equipment outside the EU.

Key Points

Some of the key points to note in respect of the GDPR include:

Consent - Obtaining consent from individuals for the processing of their data under the GDPR will be significantly harder. Individuals will be required to clearly give their affirmative consent – e.g., it is expected that website tick-boxes must be ‘opt-in’ and must not be pre-ticked. The business (a data controller) wishing to collect and utilise the data must clearly explain the uses to which the data is to be put and will be required to provide evidence that their processes are compliant and followed in each case. Individuals must be able to withdraw their consent at any time, and businesses must have mechanisms in place to easily enable (e.g., via a website) and effect any such withdrawal. Individuals will have a right to be forgotten (i.e., the deletion of their data) and a right to object to profiling (particularly relevant to website advertisers).

Children – The age of consent to data processing will be raised. Each EU jurisdiction will have the ability to set the age between 13 and 16. Below this the clear affirmative consent of a legal guardian will be required. This will particularly impact websites and apps targeted at children.

Inception - Businesses will be required to consider data protection issues at the creation of any new technology, product or business, and to ensure that suitable protection mechanisms are in-built. Businesses must also ensure that they only collect and process the minimum required data for the express uses to which consent has been given.

Processors - Data processors will be directly subject to the provisions of the GDPR. As a result it is expected that the cost of data processing services provided by outsourced data processors to data controllers is likely to increase. Data processors will also want to review and potentially renegotiate their processing agreements. Data processors employing 250 or more people (and, in some circumstances, any data processors irrespective of their size) will be required to keep detailed records of their processing activities.

Data Protection Officer - Processors processing a significant volume of data, or processing ‘sensitive’ data, may be required to appoint a data protection officer (DPO). The DPO will be responsible for monitoring the data processing activities of the business and ensuring their compliance with the GDPR. It is expected that certain businesses may voluntarily appoint a DPO to help demonstrate an adoption of best practice procedures and strengthen any defence to regulatory investigation.

Data Breaches - data breaches must be notified to the relevant supervisory regulator as soon as possible, and in any event within 72 hours of the breach being identified. The GDPR states that breaches that are unlikely to result in risks to individuals do not require reporting. However, as most breaches could arguably result in a risk to an individual, further guidance is currently being sought on this point.

Data Transfers

Transfers of data of any EU-based individuals outside of the EU continues to be regulated by the GDPR. However, the increased sanctions for breaches of the new rules (see below) are likely to mean that non-EU businesses will have to carefully review their existing arrangements to ensure they are compliant.

The EU Commission may identify specific jurisdictions which are deemed to have adequate data protection laws in place and to permit data transfers to those jurisdictions. As a result of recent decisions of the European Court of Justice, the United States is not currently included in this list. The EU and U.S. have negotiated a new data transfer agreement (the Privacy Shield) to replace their previous transfer arrangements. The Privacy Shield enables data transfers to be made to the United States recipients that are subject to regulation by the Federal Trade Commission or Department of Transport and that have self-certified their compliance with the Privacy Shield’s requirements.

Compliance requires, amongst other matters, certifying organisations to adopt privacy policies which address data protection matters in a manner sufficiently compliant with European principles (e.g., as regards information provided to data subjects, data security, dispute resolution and data access). The Privacy Shield is currently subject to various legal challenges from EU-based privacy campaigners, largely stemming from the ability of the U.S. intelligence services to access and utilize transferred data.

Failing this, transfers of personal data may only be made:

• on the basis of a data transfer agreement between the transferor and recipient of the data which incorporates certain prescribed contractual clauses; or
• by a UK company to other members of its group, on the basis of a set of legally-enforceable corporate rules (called binding corporate rules). Binding corporate rules must be approved by the Information Commissioner’s Office.

Enforcement and Sanctions

A business subject to the GDPR with operations, but not separate subsidiaries, in a number of EU jurisdictions will need to identify a main establishment in the EU. The regulatory authority of this jurisdiction will be the ‘lead supervisory authority’ for the business and will be responsible for coordinating with the regulatory authorities in any other EU jurisdiction with data subjects affected by the activities of that business. It is hoped that this will cut the administrative burden by enabling businesses to deal with a single regulator covering all of their European activities. Individual subsidiaries will each be subject to the regulatory authority of their jurisdiction of incorporation.

The sanctions for breaches of the GDPR are significantly stronger than is currently the case. Certain breaches will attract fines of up to 2% of the annual worldwide turnover of the relevant business (with a minimum fine set at €10 million). More serious breaches will attract fines of up to 4% of the annual worldwide turnover of the relevant business (with a minimum fine set at €20 million). The regulatory authorities will be able to conduct data protection audits and to require the provision of any relevant information. The maximum fine for breach of the UK’s current data protection legislation is set at £500,000.

Action points

The significant penalties for non-compliance are expected to quickly move data protection issues to the forefront of the minds of in-house counsel. Worldwide businesses gathering and utilizing data on any EU-based individuals should consider the following steps:

• Understand the new regulatory framework and, where relevant, identity the jurisdiction that will act as the ‘lead supervisory authority’ of the business.
• Review the processes by which consent to data processing is obtained, and the uses to which such data will be put is explained.
• Review any data processing agreements to ensure compliance with the new obligations on data controllers and data processors under the GDPR.
• Review the mechanisms by which information relating to EU data subjects is transferred outside the EU (whether to another group company or an external provider), and ensure that they are appropriate to permit such data transfers.
• Consider the data gathering and processing activities of the business and whether these give rise to the need to appoint a data protection officer.
• Review data breach policies to ensure compliance with the requirements of the GDPR.

Vedder Price is currently advising its clients on various aspects of the implementation of the GDPR. Please contact us for further information.

For more information please contact Jonathan Edgelow.

Many employers who utilize powered industrial trucks (forklifts, scissor lifts, high lifts, etc.) often do not understand what they are required to do in order to develop and implement a comprehensive program incorporating training, inspection, maintenance and record keeping that will comply with the applicable standards promulgated and enforced by the Occupational Safety and Health Administration (OSHA). Join Shareholder Aaron R. Gelb and Associate Elliot G. Cole as well as former OSHA Area Director and current Regional Director for SCT, Inc. Thomas P. Bielema as they present a live Lorman webinar on “Powered Industrial Truck Safety Programs,” on October 25 from 1-2:30 PM EST, to learn how to reduce the risk for significant OSHA citations.

This live webinar will help the persons responsible for employee health and safety, as well as those who handle the claims associated with employee injuries, to understand how to take a critical look at their current program and identify what they need to do to reduce the risk of OSHA issuing citations for deficient aspects of their program. The trio will also cover what OSHA typically looks for when conducting an inspection and will offer tips and pointers regarding how to respond during such an inspection, as well as what to do in the event a citation is issued to your company.

To register for this webinar with a 50% savings*, please click here.